Bug 218587

Summary: security/tor: transparent proxy doesn't work with default settings
Product: Ports & Packages Reporter: Johannes Jost Meixner <xmj>
Component: Individual Port(s)Assignee: Jochen Neumeister <joneum>
Status: Closed FIXED    
Severity: Affects Many People CC: joneum, yuri
Priority: --- Flags: bugzilla: maintainer-feedback? (yuri)
Version: Latest   
Hardware: Any   
OS: Any   
Attachments:
Description Flags
patch yuri: maintainer-approval+

Description Johannes Jost Meixner freebsd_committer 2017-04-12 12:01:00 UTC
Current default settings default to running tor as a transparent proxy, and executing tor (via the rc.d script) as _tor:_tor.

This prevents tor from being able to open /dev/pf, and leads to failure

I know of two workarounds, and both of them are quite ugly:

1.
rc.conf values are changed such that
tor_user=root
tor_group=wheel
and corresponding /usr/local/etc/tor/torrc obtains an entry
User _tor,

or

2. /dev/pf ownership is changed (e.g. via devfs settings to be persistent) to _tor:_tor.

The problem with 1) is that the rc.d script will modify ${tor_datadir} such that it cannot be written to by the _tor user.

The problem with 2) is changing ownership of the firewall to an unprivileged user.
Comment 1 Yuri Victorovich freebsd_committer 2017-04-12 19:22:03 UTC
Does 1. actually work for you (with modified rc script)? Starting as root and changing to _tor:_tor later seems like a solution.
Comment 2 Johannes Jost Meixner freebsd_committer 2017-04-13 10:56:23 UTC
Sure does
Comment 3 Johannes Jost Meixner freebsd_committer 2017-05-16 14:39:07 UTC
Can you move this forward please?
Comment 4 Yuri Victorovich freebsd_committer 2017-05-19 16:39:44 UTC
Sorry for the delay.
I will move this once previous patches are committed, bug#219246, in order to avoid conflicts.

Regards,
Yuri
Comment 5 Johannes Jost Meixner freebsd_committer 2017-06-15 07:32:22 UTC
(In reply to Yuri Victorovich from comment #4)
Any progress?
Comment 6 Yuri Victorovich freebsd_committer 2017-06-15 16:23:45 UTC
Created attachment 183502 [details]
patch

Implemented setuid feature.

The user should add tor_setuid=YES to /etc/rc.conf to make tor do setuid in runtime after opening the externally provided files.
Comment 7 commit-hook freebsd_committer 2017-06-17 10:55:49 UTC
A commit references this bug:

Author: joneum
Date: Sat Jun 17 10:54:54 UTC 2017
New revision: 443770
URL: https://svnweb.freebsd.org/changeset/ports/443770

Log:
  - security/tor: Implemented setuid feature
   *The user should add tor_setuid=YES to /etc/rc.conf
    to make tor do setuid in runtime after opening the
    externally provided files.

  PR:		218587
  Submitted by:	xmj
  Approved by:	Yuri Victorovich <yuri at rawbw.com> (maintainer)
  Approved by:	miwi (mentor)
  Differential Revision:	https://reviews.freebsd.org/D11223

Changes:
  head/security/tor/Makefile
  head/security/tor/files/tor.in
Comment 8 Jochen Neumeister freebsd_committer 2017-06-17 10:56:09 UTC
Committed, thanks :-)